Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Access files only through one site

1

I wanted to configure my Buckets on Amazon S3, so that the files can only be accessed by a site of my choice. For example, I want the images that are hosted here to only be accessed through my blog that I have.

Topics
Storage
Tags
Amazon Simple Storage Service
Language
English
asked 3 years ago307 views
2 Answers
1

Hi,

It is not possible to restrict it by plain domain. Even if you add aws:referer as condition in your bucket policy, then clients can still add it and by pass it.

Instead, do it by restricting source ip: https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html#example-bucket-policies-IP

Finally, If you have CloudFront in front of the bucket, a more advanced way is to use WAF. https://docs.aws.amazon.com/waf/latest/developerguide/classic-web-acl-ip-conditions.html

Hope it helps ;)

EXPERT
answered 3 years ago
  • rePost-User-5631830
    3 years ago

    So does this mean that it is not possible to do hotlink protection?

0

You can setup custom bucket policy or else you can just paste the URL of the S3 image inside your blog and if you didn't share that URL with anyone, who is going to access it

answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content